Tag: russia
-
Russia establishes Vienna as key western spy hub targeting NATO
Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transformed Vienna into its largest Western spy hub, steadily expanding surveillance over the past two years. Using diplomatic compounds and rooftop satellite clusters, Russia monitors sensitive communications across…
-
Russia-linked hackers use advanced iPhone exploit to target Ukrainians
The malware, dubbed DarkSword, allows attackers to break into iPhones with little to no user interaction, extract sensitive data within minutes, and then erase traces of the intrusion, researchers at cybersecurity firm Lookout said. First seen on therecord.media Jump to article: therecord.media/russia-linked-hackers-use-iphone-exploit-ukraine
-
US intelligence chief grilled on absence of election threats in security assessment
Previous clandestine community assessments have documented, at least at a high level, attempts by Iran, Russia or China to sway voters with online propaganda or through cyber operations. First seen on therecord.media Jump to article: therecord.media/us-intel-chief-senate-election-security-threat-assessment
-
Second iOS exploit kit now in use by suspected Russian hackers
The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. First seen on cyberscoop.com Jump to article: cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/
-
Second iOS exploit kit emerges from suspected Russian hackers using possible U.S. government-developed tools
The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. First seen on cyberscoop.com Jump to article: cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/
-
Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools
A suspected group of Russian government hackers was caught targeting Ukrainians with new iPhone hacking tools designed for espionage and potentially to steal crypto. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/18/russians-caught-stealing-personal-data-from-ukrainians-with-new-advanced-iphone-hacking-tools/
-
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites. First seen on wired.com Jump to article: www.wired.com/story/hundreds-of-millions-of-iphones-can-be-hacked-with-a-new-tool-found-in-the-wild/
-
FancyBear Server Leak Exposes Stolen Credentials, 2FA Secrets, NATO Targets
Tags: 2fa, breach, credentials, cyber, data-breach, espionage, government, infrastructure, leak, military, russiaFancyBear’s latest operational security failure has exposed a live Russian espionage server packed with stolen credentials, 2FA secrets, and detailed insight into the ongoing targeting of European government and military networks. The exposed infrastructure, tied to APT28/FancyBear and previously reported by CERT”‘UA and Hunt.io, reveals both the scale of the compromises and the carelessness of…
-
Free parking in Russia after Distributed DenialService attack knocks city’s parking system offline
Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/free-parking-russia-distributed-denial-of-service-attack-parking-system
-
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
Russia-linked threat actors target Ukrainian entities with DRILLAPP backdoor and use Edge debugging for stealth. A new DRILLAPP backdoor campaign targets Ukrainian organizations, abusing Microsoft Edge debugging to evade detection. Observed in February 2026, it shows links to previous Russian-aligned operations by Laundry Bear APT group (aka UAC-0190, Void Blizzard) using the PLUGGYAPE malware family…
-
Cybercrime has skyrocketed 245% since the start of the Iran war
Hacktivists use proxy services from Russia, China for ‘billions of designed-for-abuse connection attempts’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/16/cybercrime_iran_war_245_percent_rise/
-
Cyberattack disrupts parking payments in Russian city
The Russian city of Perm has restored its parking payment system after a cyberattack knocked the service offline. First seen on therecord.media Jump to article: therecord.media/cyberattack-russia-parking-system
-
Russia-linked espionage campaign targeting Ukraine using Starlink and charity lures
A Russia-linked hacker group launched a cyber-espionage campaign targeting Ukrainian organizations using fake documents about Starlink satellite internet terminals and a well-known Ukrainian charity, to infect devices with spyware. First seen on therecord.media Jump to article: therecord.media/russia-ukraine-cyber-espionage-group
-
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo’s LAB52 threat intelligence team.The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard) aimed…
-
A Hacker Accidentally Broke Into the FBI’s Epstein Files
Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-a-hacker-accidentally-broke-into-the-fbis-epstein-files/
-
Breach Roundup: Russian State Actors Target Signal, WhatsApp
Also, More ClickFix Attacks and Teen Booters Arrested in Poland. This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire. First…
-
Fake government and Starlink apps used in malware campaign targeting Brazil
The malware, dubbed BeatBanker by Russian cybersecurity firm Kaspersky, infects smartphones through fake applications that mimic legitimate services, including the Starlink satellite internet app and the Brazilian government portal INSS Reembolso. First seen on therecord.media Jump to article: therecord.media/fake-gov-apps-malware-android-brazil
-
4,000+ Routers Compromised by KadNap Malware Exploiting Vulnerabilities
A newly uncovered malware campaign dubbed KadNap has silently conscripted more than 14,000 internet”‘exposed routers and edge devices into a stealth proxy botnet, with Asus routers the primary victims. More than 60% of known victims are located in the United States, with additional infections observed in Taiwan, Hong Kong, Russia, and other countriesHow KadNap Infects Routers The…
-
BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations
Russian threat actors for more than a year have targeted HR and recruiting operations in a sophisticated phishing and infostealing campaign that includes a component, dubbed BlackSanta, that can shut down antivirus tools and EDR protections before deploying the malware that exfiltrates data, Aryaka researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/blacksanta-malware-shuts-down-protections-targets-hr-and-recruiting-operations/
-
Fake job applications pack malware that kills endpoint detection before stealing data
Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses First seen on theregister.com Jump to article: www.theregister.com/2026/03/10/malware_targeting_hr/
-
BlackSanta Malware Targets HR Staff with Fake CV Downloads
Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows. First seen on hackread.com Jump to article: hackread.com/blacksanta-malware-hr-staff-fake-cv-downloads/
-
New ‘BlackSanta’ EDR killer spotted targeting HR departments
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-blacksanta-edr-killer-spotted-targeting-hr-departments/
-
US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/
-
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit
After several years of using simple implants, the Russia-affiliated actor is back with two new sophisticated malware tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/sednit-resurfaces-with-sophisticated-new-toolkit
-
U.S. military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/
-
An iPhone-hacking toolkit used by Russian spies likely came from US military contractor
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
-
APT28 conducts long-term espionage on Ukrainian forces using custom malware
APT28 used BEARDSHELL and COVENANT malware to spy on Ukrainian military personnel, enabling long-term surveillance since April 2024. The Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has used BEARDSHELL and COVENANT malware to conduct long-term surveillance of Ukrainian military personnel. According to ESET, the campaign began in April 2024 and relies on…
-
‘BlackSanta’ EDR Killer Targets HR Workflows
A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/blacksanta-edr-killer-hr-workflows